Blog & Tools

Networks must be protected inside the perimeter, too

Layered Cybersecurity - Protecting the Network

Providing good cybersecurity requires an acknowledgement that protecting the edge of a network well is no longer enough.

Next Generation Firewalls and Unified Threat Management devices can effectively help protect the perimeter of network. But an increasing number of attacks are coming from the inside of networks. Taking a layered approach to security means steps also must be taken to protect the network interior.

Protecting internal networks takes some obvious precautions, such as promptly applying software updates on equipment and locking doors to control access to sensitive equipment. More advanced precautionary steps should be taken, too.

Any successful attack from within a network, just like a successful penetration of the perimeter, should be isolated and contained to minimize the potential for damage. Segmenting networks can help: give employees access to what they need to do their jobs and no more.

Social engineering has become a trendy, cautionary phrase in cybersecurity. That’s a fancy way of pointing out, for example, that hackers are always trying to trick people into giving them access to corporate information. The attempt might come in a tainted email or flash drive, or even in a phone conversation.

“Treat anything that you didn’t request as potentially suspicious,” says Aaron Hansen, a sales engineer at SDN Communications. “If someone is reaching out to you, you should verify the offer on your own.”

SDN is the leading regional provider of broadband connectivity and cybersecurity services for businesses and institutions in the Sioux Falls region. Hansen and other security experts at SDN have the experience and expertise to offer other general suggestions for increasing protection.

Organizations can take steps to increase the security of their internal networks:

  • Disable and control access to ports that provide network access.
  • Wi-Fi access for guests should go to a separate, segregated network, not into the corporate portion of the network.
  • Apply patches and software updates to servers and network appliances promptly and regularly.
  • Encrypt data as much as possible, especially data that’s transported on laptops, phones and other mobile devices.
  • Keep domain registrations and security records up to date and accurate.
  • Use Network Time Protocol to keep clocks throughout a network well synchronized. Accurate timing is especially helpful in tracing security events.
  • Require two-step or multi-factor authentication for someone to, for example, log into a special site. Just asking for a person’s name and password to access information is no longer enough. Also require, for example, a code number that can be sent to an approved mobile device. Enhancing physical security might require biometric proof such as a fingerprint, iris features or voice pattern.

Maintaining good physical security in buildings is an important component of network security. Access to areas such as server rooms should be limited to people who need access.

“We’ve got a lot of expensive assets that we’re trying into to protect, along with people,” says Conrad Carson, supervisor of operations engineering at SDN. “The whole premise is to control your space and who’s here when, and track their actions.”

SDN, like many companies, requires all employees to wear identification badges, which double as keys that can be programmed to provide or deny access to specified areas in an office or plant. In secure locations, people are likely to be on camera, too.

Video surveillance and alarm systems have become standard features to enhance security in many commercial settings. Less common, but also valuable, are services such Remote Network Monitoring, which SDN provides to keep watch on clients’ networks 24 hours a day, every day of the year.

Good physical security will help prevent and deter thievery and mischief. But rather than a crow bar or sledge hammer, today’s bad guys are more likely to use tools such as an altered thumb drive to infiltrate a corporate network. Keep that in mind when planning and implementing your strategy for layered security.

This is the fifth in a series of blogs about taking a layered approach to cybersecurity. The next installment focuses on protecting employee workstations. You can find links to our previous blogs in the series below.

Read the next blog in the series:

Protect workstations with good policy, tools and common sense

Previous blogs in the series:

Good cybersecurity must start at the top - and stay there

Good training is critical to keeping business networks safe

Protecting edge of a network from outside world is a big job